# pull the key from the remote key server
$ gpg [--keyserver keyserver.ubuntu.com] --recv-keys <remote_key_id>
# sign the key
$ gpg --sign-key <remote_key_id>
# if there are multiple local secret keys, pick the one that signs with --local-user
$ gpg --local-user <local_key_id> --sign-key <remote_key_id>
# confirm that the key is signed
$ gpg --list-sigs <remote_key_id>
# export the signed key, then sign it and encrypt it to the key's owner
$ gpg -a --export <remote_key_id> | gpg -se -r <remote_key_id> > <remote_key_id>.asc.gpg
If the signer pushed the signed key directly to the key server, we can import the remote signed key back into our local keyring by downloading the public key from the key server's web interface and then running:
$ gpg --import ef6baa3efda9b3fcc76f0f8ca33d0d43109616c9.asc
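The "confirm that the key is signed" step can be made scriptable, both after signing and after re-importing a key from the key server. This is an added example, not part of the original notes: `certified_by` and `sample_listing` are hypothetical helper names, the key IDs are constructed, and the field positions assume GnuPG's machine-readable `--with-colons` listing as produced by `--check-sigs`.

```shell
#!/bin/sh
# Added example, not from the original page.
# certified_by SIGNER_KEYID
#   stdin: output of  gpg --with-colons --check-sigs <remote_key_id>
#   exit 0 only if a user ID carries a certification that
#     - was issued by SIGNER_KEYID (16 hex digit key ID, field 5),
#     - verified as good: field 2 starts with "!" (filled in by --check-sigs),
#     - is class 10..13 and exportable: field 11 ends in "x" ("l" = local-only,
#       which "gpg --export" would leave out).
certified_by() {
    awk -F: -v signer="$1" '
        $1 == "pub" || $1 == "sub" { in_uid = 0 }
        $1 == "uid"                { in_uid = 1 }
        $1 == "sig" && in_uid &&
            toupper($5) == toupper(signer) &&
            substr($2, 1, 1) == "!" &&
            $11 ~ /^1[0-3]x$/      { found = 1 }
        END { exit(found ? 0 : 1) }
    '
}

# Constructed sample listing (key IDs, names and dates are made up).
sample_listing() {
    cat <<'EOF'
pub:f:255:22:AAAAAAAAAAAAAAAA:1700000000:::-:::scESC:
uid:f::::1700000000::::Remote User <remote@example.test>:
sig:!::22:AAAAAAAAAAAAAAAA:1700000000::::Remote User <remote@example.test>:13x:
sig:!::22:BBBBBBBBBBBBBBBB:1700000100::::Local Signer <local@example.test>:10x:
sig:!::22:CCCCCCCCCCCCCCCC:1700000200::::Local Only <lsign@example.test>:10l:
sig:?::22:DDDDDDDDDDDDDDDD:1700000300::::[User ID not found]:10x:
sub:f:255:18:9999999999999999:1700000000::::::e:
sig:!::22:AAAAAAAAAAAAAAAA:1700000000::::Remote User <remote@example.test>:18x:
EOF
}

# Stand-alone demo on the sample; with real data, pipe gpg output in instead.
if sample_listing | certified_by BBBBBBBBBBBBBBBB; then
    echo "verified exportable certification from BBBBBBBBBBBBBBBB"
fi
```

With a real keyring the call is `gpg --with-colons --check-sigs <remote_key_id> | certified_by <local_key_id>`, where `<local_key_id>` is given as the long (16 hex digit) key ID.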